"oc new-app"不会通过输入图像完全暴露端口 [英] "oc new-app" does not expose port altough the input image does

问题描述

我正在研究OpenShift 3.9，并设法使用oc new-app和Docker构建策略构建并运行了第一个容器.我的Dockerfile包含命令EXPOSE 5432.

I'm exploring OpenShift 3.9 and have managed to get a first container built and running with oc new-app and the Docker build strategy. My Dockerfile includes the command EXPOSE 5432.

首次发布oc describe istag/my_app:latest | grep ^Exposes报告Exposes Ports: 5432/tcp后，看起来不错:该图像公开了端口5432.但是oc describe po/my_app-1-some_id | grep "^\s*Port"报告了Port: <none>，因此总体而言，该端口似乎在Docker级别公开，但还不是Kubernetes/OpenShift的级别.

After the rollout oc describe istag/my_app:latest | grep ^Exposes reports Exposes Ports: 5432/tcp, so that looks good: the image exposes port 5432. But oc describe po/my_app-1-some_id | grep "^\s*Port" reports Port: <none>, so overall it seems as if the port is exposed at the level of Docker, but not yet the level of Kubernetes/OpenShift.

OpenShift文档表示以下内容:

new-app命令尝试检测输入图像中的裸露端口. 它使用最低的数字暴露端口来生成服务， 暴露该端口.为了公开另一个端口，在new-app之后 已经完成，只需使用oc暴露命令生成额外的 服务.

The new-app command attempts to detect exposed ports in input images. It uses the lowest numeric exposed port to generate a service that exposes that port. In order to expose a different port, after new-app has completed, simply use the oc expose command to generate additional services.

为什么oc new-app在这种情况下不公开端口5432(实际上，它也不会创建任何service资源)，我如何使其自动完成，因为输入图像已经存在并且似乎可以判断从文档中获取?

Why does oc new-app not expose port 5432 in this situation (in fact it does not create any service resource either) and how can I make it do so automatically, as the input image already does and as seems possible judging from the documentation?

更新，以下是有关如何创建新应用程序的更多详细信息:

UPDATE Here is more detail on how the new application was created:

oc new-app ssh://my_account@my_git_server/my_path/my_repo.git
  --context-dir=my_dir --strategy=docker --name my_app

到目前为止，Git存储库包含一个普通的my_dir/Dockerfile，而该存储库又包含命令EXPOSE 5432.

The Git repository contains a so far trivial my_dir/Dockerfile, and it in turn contains the command EXPOSE 5432.

推荐答案

最后，问题突然"消失了，oc new-app现在确实暴露了端口(如文档所述).到目前为止，我正在使用这样的普通Dockerfile

In the end, the problem "suddenly" went away and oc new-app now indeed exposes the port (as the documentation says). I am so far using a trivial Dockerfile such as this

FROM debian:stretch
EXPOSE 5432

COPY start.sh /usr/local/bin/start.sh
CMD ["start.sh"]

其中startup.sh调用sleep infinity.在解释方面，我只能猜测我犯了一些导致干扰的次要和暂时性错误.

where startup.sh calls sleep infinity. In terms of explanation, I can only guess that I had made some secondary and transient error that caused an interference.

以下是尝试诊断和解决问题时的经验教训(非常感谢@GrahamDumpleton):

Here are lessons learned while attempting to diagnose and solve the issue (big thanks to @GrahamDumpleton):

• 如果oc new-app一切正常，则oc get all应该为资源svc/my_app指示端口5432/TCP，并且还应该列出类型为deploymentconfigs，buildconfigs，builds的新OpenShift(和Kubernetes)资源. ，imagestreams，po和rc.
• 此自动机制仅在端口内部公开端口 群集，即svc/my_app具有(并监听)群集IP(而非外部IP).
• 其他参数--dry-run -output json使oc new-app进行试运行并打印通常会创建哪些资源的精确描述(以JSON格式).

• If all goes well with oc new-app, oc get all should indicate port 5432/TCP for resource svc/my_app and should also list new OpenShift (and Kubernetes) resources of types deploymentconfigs, buildconfigs, builds, imagestreams , po, and rc.
• This automatic mechanism exposes the port only inside the cluster, i.e. svc/my_app has (and listens on) a cluster-IP (not: external-IP).
• Additional arguments --dry-run -output json cause oc new-app to conduct a dry-run and print an exact description (in JSON format) of what resources it would normally create.

这篇关于"oc new-app"不会通过输入图像完全暴露端口的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持IT屋！